Hard Languages in NP ∩ coNP and NIZK Proofs from Unstructured Hardness
Authors: 
Riddhi Ghosal, Yuval Ishai, Alexis Korb, Eyal Kushilevitz, Paul Lou, Amit SahaiAuthors Info & Claims
Riddhi Ghosal, Yuval Ishai, Alexis Korb, Eyal Kushilevitz, Paul Lou, Amit SahaiAuthors Info & ClaimsPages 1243 - 1256
Abstract
The existence of “unstructured” hard languages in NP ∩ coNP is an intriguing open question. Bennett and Gill (SICOMP, 1981) asked whether P is separated from NP ∩ coNP relative to a random oracle, a question that remained open ever since. While a hard language in NP ∩ coNP can be constructed in a black-box way from a one-way permutation, for which only few (structured) candidates exist, Bitansky et al. (SICOMP, 2021) ruled out such a construction based on an injective one-way function, an unstructured primitive that is easy to instantiate heuristically. In fact, the latter holds even with a black-box use of indistinguishability obfuscation.
We give the first evidence for the existence of unstructured hard languages in NP ∩ coNP by showing that if UP ⊈RP, which follows from the existence of injective one-way functions, the answer to Bennett and Gill’s question is affirmative: with probability 1 over a random oracle O, we have that PO ≠ NPO ∩ coNPO. Our proof gives a constructive non-black-box approach for obtaining candidate hard languages in NP ∩ coNP from cryptographic hash functions.
The above conditional separation builds on a new construction of non-interactive zero-knowledge (NIZK) proofs, with a computationally unbounded prover, to convert a hard promise problem into a hard language. We obtain such NIZK proofs for NP, with a uniformly random reference string, from a special kind of hash function which is implied by (an unstructured) random oracle. This should be contrasted with previous constructions of such NIZK proofs that are based on one-way permutations or other structured primitives, as well as with (computationally sound) NIZK arguments in the random oracle model.
References
[1]
Martin R. Albrecht, Lorenzo Grassi, Léo Perrin, Sebastian Ramacher, Christian Rechberger, Dragos Rotaru, Arnab Roy, and Markus Schofnegger. 2019. Feistel Structures for MPC, and More. In ESORICS 2019: 24th European Symposium on Research in Computer Security, Part II (Lecture Notes in Computer Science, Vol. 11736 ), Kazue Sako, Steve Schneider, and Peter Y. A. Ryan (Eds.). Springer, Heidelberg, Germany, Luxembourg, 151-171. https://doi.org/10.1007/978-3-030-29962-0_8
[2]
Martin R. Albrecht, Lorenzo Grassi, Christian Rechberger, Arnab Roy, and Tyge Tiessen. 2016. MiMC: Eficient Encryption and Cryptographic Hashing with Minimal Multiplicative Complexity. In Advances in Cryptology-ASIACRYPT 2016, Part I (Lecture Notes in Computer Science, Vol. 10031 ), Jung Hee Cheon and Tsuyoshi Takagi (Eds.). Springer, Heidelberg, Germany, Hanoi, Vietnam, 191-219. https://doi.org/10.1007/978-3-662-53887-6_7
[3]
Boaz Barak. 2016. Why do we care about random oracles ? https://www.boazbarak. org/Courses/avg_case_depth.pdf. Accessed: 2023-03-19.
[4]
Mihir Bellare and Phillip Rogaway. 1993. Random Oracles are Practical: A Paradigm for Designing Eficient Protocols. In ACM CCS 93: 1st Conference on Computer and Communications Security, Dorothy E. Denning, Raymond Pyle, Ravi Ganesan, Ravi S. Sandhu, and Victoria Ashby (Eds.). ACM Press, Fairfax, Virginia, USA, 62-73. https://doi.org/10.1145/168588.168596
[5]
Mihir Bellare and Moti Yung. 1996. Certifying Permutations: Noninteractive Zero-Knowledge Based on Any Trapdoor Permutation. Journal of Cryptology 9, 3 ( June 1996 ), 149-166.
[6]
Charles H Bennett and John Gill. 1981. Relative to a Random Oracle A, PA ≠ NPA ≠ co-NPA with Probability 1. SIAM J. Comput. 10, 1 ( 1981 ), 96-113. https: //doi.org/10.1137/0210008
[7]
Nir Bitansky, Akshay Degwekar, and Vinod Vaikuntanathan. 2021. Structure Versus Hardness Through the Obfuscation Lens. SIAM J. Comput. 50, 1 ( 2021 ), 98-144. https://doi.org/10.1137/17M1136559
[8]
Nir Bitansky and Omer Paneth. 2015. ZAPs and Non-Interactive Witness Indistinguishability from Indistinguishability Obfuscation. In Theory of Cryptography-12th Theory of Cryptography Conference, TCC 2015, Warsaw, Poland, March 23-25, 2015, Proceedings, Part II (Lecture Notes in Computer Science, Vol. 9015 ), Yevgeniy Dodis and Jesper Buus Nielsen (Eds.). Springer, 401-427. https://doi.org/10.1007/978-3-662-46497-7_16
[9]
Nir Bitansky, Omer Paneth, and Daniel Wichs. 2016. Perfect Structure on the Edge of Chaos-Trapdoor Permutations from Indistinguishability Obfuscation. In TCC 2016-A: 13th Theory of Cryptography Conference, Part I (Lecture Notes in Computer Science, Vol. 9562 ), Eyal Kushilevitz and Tal Malkin (Eds.). Springer, Heidelberg, Germany, Tel Aviv, Israel, 474-502. https://doi.org/10.1007/978-3-662-49096-9_20
[10]
Manuel Blum, Paul Feldman, and Silvio Micali. 1988. Non-Interactive ZeroKnowledge and Its Applications (Extended Abstract). In 20th Annual ACM Symposium on Theory of Computing. ACM Press, Chicago, IL, USA, 103-112. https://doi.org/10.1145/62212.62222
[11]
Manuel Blum and Russell Impagliazzo. 1987. Generic Oracles and Oracle Classes (Extended Abstract). In 28th Annual Symposium on Foundations of Computer Science. IEEE Computer Society Press, Los Angeles, CA, USA, 118-126. https: //doi.org/10.1109/SFCS. 1987.30
[12]
Gilles Brassard. 1979. Relativized cryptography. In 20th Annual Symposium on Foundations of Computer Science (sfcs 1979 ). 383-391. https://doi.org/10.1109/ SFCS. 1979.36
[13]
Ran Canetti, Yilei Chen, Justin Holmgren, Alex Lombardi, Guy N. Rothblum, Ron D. Rothblum, and Daniel Wichs. 2019. Fiat-Shamir: from practice to theory. In Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing, STOC 2019, Phoenix, AZ, USA, June 23-26, 2019, Moses Charikar and Edith Cohen (Eds.). ACM, 1082-1090. https://doi.org/10.1145/3313276.3316380
[14]
Ran Canetti, Oded Goldreich, and Shai Halevi. 2004. The random oracle methodology, revisited. J. ACM 51, 4 ( 2004 ), 557-594. https://doi.org/10.1145/1008731. 1008734
[15]
Ran Canetti and Amit Lichtenberg. 2018. Certifying Trapdoor Permutations, Revisited. In Theory of Cryptography-16th International Conference, TCC 2018, Panaji, India, November 11-14, 2018, Proceedings, Part I (Lecture Notes in Computer Science, Vol. 11239 ), Amos Beimel and Stefan Dziembowski (Eds.). Springer, 476-506. https://doi.org/10.1007/978-3-030-03807-6_18
[16]
Richard Chang, Benny Chor, Oded Goldreich, Juris Hartmanis, Johan Håstad, Desh Ranjan, and Pankaj Rohatgi. 1994. The Random Oracle Hypothesis Is False. J. Comput. Syst. Sci. 49, 1 ( 1994 ), 24-39. https://doi.org/10.1016/S0022-0000 ( 05 ) 80084-4
[17]
Megan Chen, Alessandro Chiesa, and Nicholas Spooner. 2022. On Succinct Non-interactive Arguments in Relativized Worlds. In Advances in Cryptology-EUROCRYPT 2022, Part II (Lecture Notes in Computer Science, Vol. 13276 ), Orr Dunkelman and Stefan Dziembowski (Eds.). Springer, Heidelberg, Germany, Trondheim, Norway, 336-366. https://doi.org/10.1007/978-3-031-07085-3_12
[18]
Anne Condon. 1992. The Complexity of Stochastic Games. Inf. Comput. 96, 2 ( 1992 ), 203-224. https://doi.org/10.1016/ 0890-5401 ( 92 ) 90048-K
[19]
Uriel Feige, Dror Lapidot, and Adi Shamir. 1990. Multiple Non-Interactive Zero Knowledge Proofs Based on a Single Random String (Extended Abstract). In 31st Annual Symposium on Foundations of Computer Science. IEEE Computer Society Press, St. Louis, MO, USA, 308-317. https://doi.org/10.1109/FSCS. 1990.89549
[20]
Amos Fiat and Adi Shamir. 1986. How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In Advances in Cryptology-CRYPTO ' 86, Santa Barbara, California, USA, 1986, Proceedings (Lecture Notes in Computer Science, Vol. 263 ), Andrew M. Odlyzko (Ed.). Springer, 186-194. https://doi.org/ 10.1007/3-540-47721-7_12
[21]
Amos Fiat and Adi Shamir. 1987. How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In Advances in Cryptology-CRYPTO'86 (Lecture Notes in Computer Science, Vol. 263 ), Andrew M. Odlyzko (Ed.). Springer, Heidelberg, Germany, Santa Barbara, CA, USA, 186-194. https://doi.org/10.1007/ 3-540-47721-7_12
[22]
Oded Goldreich, Leonid A. Levin, and Noam Nisan. 2011. On Constructing 1-1 One-Way Functions. In Studies in Complexity and Cryptography., Oded Goldreich (Ed.). Lecture Notes in Computer Science, Vol. 6650. Springer, 13-25. https://doi.org/10.1007/978-3-642-22670-0_3
[23]
Jens Groth, Rafail Ostrovsky, and Amit Sahai. 2006. Non-interactive Zaps and New Techniques for NIZK. In Advances in Cryptology-CRYPTO 2006 (Lecture Notes in Computer Science, Vol. 4117 ), Cynthia Dwork (Ed.). Springer, Heidelberg, Germany, Santa Barbara, CA, USA, 97-111. https://doi.org/10.1007/11818175_6
[24]
Juris Hartmanis and Neil Immerman. 1985. On Complete Problems for NP$\cap$CoNP. In Automata, Languages and Programming, 12th Colloquium, Nafplion, Greece, July 15-19, 1985, Proceedings (Lecture Notes in Computer Science, Vol. 194 ), Wilfried Brauer (Ed.). Springer, 250-259. https://doi.org/10.1007/ BFb0015750
[25]
Chun-Yuan Hsiao, Chi-Jen Lu, and Leonid Reyzin. 2007. Conditional Computational Entropy, or Toward Separating Pseudoentropy from Compressibility. In Advances in Cryptology-EUROCRYPT 2007 (Lecture Notes in Computer Science, Vol. 4515 ), Moni Naor (Ed.). Springer, Heidelberg, Germany, Barcelona, Spain, 169-186. https://doi.org/10.1007/978-3-540-72540-4_10
[26]
Pavel Hubácek, Moni Naor, and Eylon Yogev. 2017. The Journey from NP to TFNP Hardness. In ITCS 2017 : 8th Innovations in Theoretical Computer Science Conference, Christos H. Papadimitriou (Ed.), Vol. 4266. LIPIcs, Berkeley, CA, USA, 60 : 1-60 : 21. https://doi.org/10.4230/LIPIcs.ITCS. 2017.60
[27]
Russell Impagliazzo and Moni Naor. 1988. Decision trees and downward closures. In Proceedings: Third Annual Structure in Complexity Theory Conference, Georgetown University, Washington, D. C., USA, June 14-17, 1988. IEEE Computer Society, 29-38. https://doi.org/10.1109/SCT. 1988.5260
[28]
Russell Impagliazzo and Avi Wigderson. 1997. P = BPP if E Requires Exponential Circuits: Derandomizing the XOR Lemma. In Proceedings of the Twenty-Ninth Annual ACM Symposium on the Theory of Computing, El Paso, Texas, USA, May 4-6, 1997, Frank Thomson Leighton and Peter W. Shor (Eds.). ACM, 220-229. https://doi.org/10.1145/258533.258590
[29]
Vincenzo Iovino and Ivan Visconti. 2019. Non-interactive Zero Knowledge Proofs in the Random Oracle Model. In Codes, Cryptology and Information Security-Third International Conference, C2SI 2019, Rabat, Morocco, April 22-24, 2019, Proceedings-In Honor of Said El Hajji (Lecture Notes in Computer Science, Vol. 11445 ), Claude Carlet, Sylvain Guilley, Abderrahmane Nitaj, and El Mamoun Souidi (Eds.). Springer, 118-141. https://doi.org/10.1007/978-3-030-16458-4_9
[30]
Yuval Ishai, Abishek Kumarasubramanian, Claudio Orlandi, and Amit Sahai. 2010. On Invertible Sampling and Adaptive Security. In Advances in Cryptology-ASIACRYPT 2010 (Lecture Notes in Computer Science, Vol. 6477 ), Masayuki Abe (Ed.). Springer, Heidelberg, Germany, Singapore, 466-482. https://doi.org/10. 1007/978-3-642-17373-8_27
[31]
Abhishek Jain and Zhengzhong Jin. 2021. Non-interactive Zero Knowledge from Sub-exponential DDH. In Advances in Cryptology-EUROCRYPT 2021-40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, October 17-21, 2021, Proceedings, Part I (Lecture Notes in Computer Science, Vol. 12696 ), Anne Canteaut and François-Xavier Standaert (Eds.). Springer, 3-32. https://doi.org/10.1007/978-3-030-77870-5_1
[32]
Walter Ludwig. 1995. A Subexponential Randomized Algorithm for the Simple Stochastic Game Problem. Inf. Comput. 117, 1 ( 1995 ), 151-155. https://doi.org/ 10.1006/inco. 1995.1035
[33]
Eric Miles and Emanuele Viola. 2015. Substitution-Permutation Networks, Pseudorandom Functions, and Natural Proofs. J. ACM 62, 6 ( 2015 ), 46 : 1-46 : 29. https://doi.org/10.1145/2792978
[34]
Moni Naor. 1996. Evaluation May Be Easier Than Generation (Extended Abstract). In Proceedings of the Twenty-Eighth Annual ACM Symposium on the Theory of Computing, Philadelphia, Pennsylvania, USA, May 22-24, 1996, Gary L. Miller (Ed.). ACM, 74-83. https://doi.org/10.1145/237814.237833
[35]
Noam Nisan and Avi Wigderson. 1994. Hardness vs Randomness. J. Comput. Syst. Sci. 49, 2 ( 1994 ), 149-167. https://doi.org/10.1016/S0022-0000 ( 05 ) 80043-1
[36]
Rafael Pass and Abhi shelat. 2005. Unconditional Characterizations of Noninteractive Zero-Knowledge. In Advances in Cryptology-CRYPTO 2005 (Lecture Notes in Computer Science, Vol. 3621 ), Victor Shoup (Ed.). Springer, Heidelberg, Germany, Santa Barbara, CA, USA, 118-134. https://doi.org/10.1007/11535218_8
[37]
Chris Peikert and Sina Shiehian. 2019. Noninteractive Zero Knowledge for NP from (Plain) Learning with Errors. In Advances in Cryptology-CRYPTO 2019, Part I (Lecture Notes in Computer Science, Vol. 11692 ), Alexandra Boldyreva and Daniele Micciancio (Eds.). Springer, Heidelberg, Germany, Santa Barbara, CA, USA, 89-114. https://doi.org/10.1007/978-3-030-26948-7_4
[38]
Omer Reingold, Luca Trevisan, and Salil P. Vadhan. 2004. Notions of Reducibility between Cryptographic Primitives. In Theory of Cryptography, First Theory of Cryptography Conference, TCC 2004, Cambridge, MA, USA, February 19-21, 2004, Proceedings (Lecture Notes in Computer Science, Vol. 2951 ), Moni Naor (Ed.). Springer, 1-20. https://doi.org/10.1007/978-3-540-24638-1_1
[39]
Alon Rosen, Gil Segev, and Ido Shahaf. 2021. Can PPAD Hardness be Based on Standard Cryptographic Assumptions? J. Cryptol. 34, 1 ( 2021 ), 8. https: //doi.org/10.1007/s00145-020-09369-6
[40]
Benjamin Rossman, Rocco A. Servedio, and Li-Yang Tan. 2015. An Average-Case Depth Hierarchy Theorem for Boolean Circuits. In IEEE 56th Annual Symposium on Foundations of Computer Science, FOCS 2015, Berkeley, CA, USA, 17-20 October, 2015, Venkatesan Guruswami (Ed.). IEEE Computer Society, 1030-1048. https: //doi.org/10.1109/FOCS. 2015.67
[41]
Steven Rudich. 1988. Limits on the provable consequences of one-way functions. Ph. D. Dissertation. UC Berkeley.
[42]
Michael Sipser. 1982. On Relativization and the Existence of Complete Sets. In Automata, Languages and Programming, 9th Colloquium, Aarhus, Denmark, July 12-16, 1982, Proceedings (Lecture Notes in Computer Science, Vol. 140 ), Mogens Nielsen and Erik Meineche Schmidt (Eds.). Springer, 523-531. https://doi.org/10. 1007/BFb0012797
[43]
StackExchange. 2014. Reasons to believe P ≠ NP ∩ coNP (or not). https://cstheory.stackexchange.com/questions/20021/reasons-to-believe-pne-np-cap-conp-or-not. Accessed: 2023-03-19.
[44]
Gábor Tardos. 1989. Query complexity, or why is it dificult to seperate NPA ∩ coNPA from PA by random oracles A? Comb. 9, 4 ( 1989 ), 385-392. https: //doi.org/10.1007/BF02125350
[45]
Paul Valiant. 2008. Incrementally Verifiable Computation or Proofs of Knowledge Imply Time/Space Eficiency. In Theory of Cryptography, Fifth Theory of Cryptography Conference, TCC 2008, New York, USA, March 19-21, 2008 (Lecture Notes in Computer Science, Vol. 4948 ), Ran Canetti (Ed.). Springer, 1-18. https://doi.org/10.1007/978-3-540-78524-8_1
[46]
Takashi Yamakawa and Mark Zhandry. 2022. Verifiable Quantum Advantage without Structure. IEEE Computer Society Press, 69-74. https://doi.org/10.1109/ FOCS54457. 2022.00014
[47]
Received 2022-11-07; accepted 2023-02-06
Index Terms
- Hard Languages in NP ∩ coNP and NIZK Proofs from Unstructured Hardness
Recommendations
The shrinking property for NP and coNP
We study the shrinking and separation properties (two notions well-known in descriptive set theory) for NP and coNP and show that under reasonable complexity-theoretic assumptions, both properties do not hold for NP and the shrinking property does not ...
Computationally Sound Proofs
This paper puts forward a new notion of a proof based on computational complexity and explores its implications for computation at large. Computationally sound proofs provide, in a novel and meaningful framework, answers to old and new questions in ...
Comments
Information & Contributors
Information
Published In
June 2023
1926 pages
Copyright © 2023 Owner/Author.
This work is licensed under a Creative Commons Attribution 4.0 International License.
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 02 June 2023
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
STOC '23
Sponsor:
Acceptance Rates
Overall Acceptance Rate 1,469 of 4,586 submissions, 32%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 564Total Downloads
- Downloads (Last 12 months)344
- Downloads (Last 6 weeks)24
Reflects downloads up to 10 Oct 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in